[build] cmd/gitmirror: get tini from Debian
11 views
Skip to first unread message
Heschi Kreinick (Gerrit)
Jun 14, 2021, 4:38:06 PM6/14/21
to goph...@pubsubhelper.golang.org, Alexander Rakoczy, Carlos Amedee, Dmitri Shuralyov, golang-co...@googlegroups.com
Attention is currently required from: Carlos Amedee.
Heschi Kreinick would like Carlos Amedee to review this change.
cmd/gitmirror: get tini from Debian
tini is in Debian so we don't need to do anything special to install it.
Change-Id: Ic0e981f3476c496426a8dc3c408aad9417836e13
---
M cmd/gitmirror/Dockerfile
M cmd/gitmirror/rc-prod.yaml
M cmd/gitmirror/rc-staging.yaml
3 files changed, 4 insertions(+), 12 deletions(-)
diff --git a/cmd/gitmirror/Dockerfile b/cmd/gitmirror/Dockerfile
index c85258a..9404366 100644
--- a/cmd/gitmirror/Dockerfile
+++ b/cmd/gitmirror/Dockerfile
@@ -42,20 +42,12 @@
git-core \
openssh-client \
gnupg dirmngr \
- curl \
+ curl tini \
&& rm -rf /var/lib/apt/lists/*
# Install gcloud for auth to CSR, see https://cloud.google.com/sdk/docs/install#deb
RUN echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] http://packages.cloud.google.com/apt cloud-sdk main" | tee -a /etc/apt/sources.list.d/google-cloud-sdk.list && curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key --keyring /usr/share/keyrings/cloud.google.gpg add - && apt-get update -y && apt-get install google-cloud-sdk -y
-# See https://github.com/golang/go/issues/23705
-ENV TINI_VERSION v0.16.1
-ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /tini
-ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc /tini.asc
-RUN gpg --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 \
- && gpg --verify /tini.asc
-RUN chmod +x /tini
-
# Add github.com's known_hosts entries, so git push calls later don't
# prompt, and don't need to have their strict host key checking
# disabled.
@@ -66,4 +58,4 @@
&& chmod 0600 ~/.ssh/known_hosts
COPY --from=build /go/bin/gitmirror /
-ENTRYPOINT ["/tini", "--", "/gitmirror"]
+ENTRYPOINT ["/usr/bin/tini", "--", "/gitmirror"]
diff --git a/cmd/gitmirror/rc-prod.yaml b/cmd/gitmirror/rc-prod.yaml
index 562b2f6..4cc7a2f 100644
--- a/cmd/gitmirror/rc-prod.yaml
+++ b/cmd/gitmirror/rc-prod.yaml
@@ -26,7 +26,7 @@
env:
- name: XDG_CACHE_HOME
value: "/cache"
- command: ["/tini", "--", "/gitmirror", "-http=:8585", "-mirror=true", "-cachedir=/cache/gitmirror"]
+ command: ["/usr/bin/tini", "--", "/gitmirror", "-http=:8585", "-mirror=true", "-cachedir=/cache/gitmirror"]
volumeMounts:
- mountPath: /cache
name: cache-volume
diff --git a/cmd/gitmirror/rc-staging.yaml b/cmd/gitmirror/rc-staging.yaml
index 7e79d7d..b1c6733 100644
--- a/cmd/gitmirror/rc-staging.yaml
+++ b/cmd/gitmirror/rc-staging.yaml
@@ -26,7 +26,7 @@
env:
- name: XDG_CACHE_HOME
value: "/cache"
- command: ["/tini", "--", "/gitmirror", "-http=:8585", "-cachedir=/cache/gitmirror"]
+ command: ["/usr/bin/tini", "--", "/gitmirror", "-http=:8585", "-cachedir=/cache/gitmirror"]
volumeMounts:
- mountPath: /cache
name: cache-volume
To view, visit change 327756. To unsubscribe, or for help writing mail filters, visit settings.
Carlos Amedee (Gerrit)
Jun 14, 2021, 5:02:20 PM6/14/21
to Heschi Kreinick, goph...@pubsubhelper.golang.org, Go Bot, Dmitri Shuralyov, Alexander Rakoczy, golang-co...@googlegroups.com
Attention is currently required from: Heschi Kreinick.
Patch set 1:Code-Review +2
Dmitri Shuralyov (Gerrit)
Jun 14, 2021, 5:30:15 PM6/14/21
to Heschi Kreinick, goph...@pubsubhelper.golang.org, Carlos Amedee, Go Bot, Dmitri Shuralyov, Alexander Rakoczy, golang-co...@googlegroups.com
Attention is currently required from: Heschi Kreinick.
2 comments:
Patchset:
Since this CL is cleaning up/simplifying the Dockerfile, I left an optional comment about something I spotted, in case you think it's worth expanding the scope. (It's fine not to expand scope.)
File cmd/gitmirror/Dockerfile:
Patch Set #1, Line 46:
rm -rf /var/lib/apt/lists/*As I understand, this line was meant to be an optimization to remove unneeded files after the 'apt-get update && apt-get install' invocation.
The 'Install gcloud' step below also runs 'apt-get update && apt-get install'.
Would it make sense to either move this rm command to happen after the new 'apt-get update && apt-get install' below, or to remove it if we no longer want this optimization?
To view, visit change 327756. To unsubscribe, or for help writing mail filters, visit settings.
Heschi Kreinick (Gerrit)
Jun 15, 2021, 1:47:24 PM6/15/21
to goph...@pubsubhelper.golang.org, golang-co...@googlegroups.com
Attention is currently required from: Dmitri Shuralyov.
Heschi Kreinick uploaded patch set #2 to this change.
cmd/gitmirror: get tini from Debian
tini is in Debian so we don't need to do anything special to install it.
Change-Id: Ic0e981f3476c496426a8dc3c408aad9417836e13
---
M cmd/gitmirror/Dockerfile
M cmd/gitmirror/rc-prod.yaml
M cmd/gitmirror/rc-staging.yaml
3 files changed, 5 insertions(+), 13 deletions(-)
To view, visit change 327756. To unsubscribe, or for help writing mail filters, visit settings.
Heschi Kreinick (Gerrit)
Jun 15, 2021, 1:47:25 PM6/15/21
to goph...@pubsubhelper.golang.org, Carlos Amedee, Go Bot, Dmitri Shuralyov, Alexander Rakoczy, golang-co...@googlegroups.com
Attention is currently required from: Dmitri Shuralyov.
1 comment:
File cmd/gitmirror/Dockerfile:
Patch Set #1, Line 46:
rm -rf /var/lib/apt/lists/*
As I understand, this line was meant to be an optimization to remove unneeded files after the 'apt-g […]
I was skeptical, but at least on my workstation they're 200M so I guess it's worth doing. Good catch.
I think to minimize the size of the overall set of layers we need to do it in each RUN step so I duplicated rather than moving.
To view, visit change 327756. To unsubscribe, or for help writing mail filters, visit settings.
Heschi Kreinick (Gerrit)
Jun 16, 2021, 2:01:09 PM6/16/21
to goph...@pubsubhelper.golang.org, golang-co...@googlegroups.com
Attention is currently required from: Dmitri Shuralyov.
Heschi Kreinick uploaded patch set #3 to this change.
cmd/gitmirror: get tini from Debian
tini is in Debian so we don't need to do anything special to install it.
Change-Id: Ic0e981f3476c496426a8dc3c408aad9417836e13
---
M cmd/gitmirror/Dockerfile
M cmd/gitmirror/deployment.yaml
2 files changed, 4 insertions(+), 12 deletions(-)
To view, visit change 327756. To unsubscribe, or for help writing mail filters, visit settings.
Heschi Kreinick (Gerrit)
Jun 16, 2021, 2:06:25 PM6/16/21
to goph...@pubsubhelper.golang.org, golang-...@googlegroups.com, Go Bot, Carlos Amedee, Dmitri Shuralyov, Alexander Rakoczy, golang-co...@googlegroups.com
Heschi Kreinick submitted this change.
Approvals:
Carlos Amedee: Looks good to me, approved
Heschi Kreinick: Trusted; Run TryBots
Go Bot: TryBots succeeded
cmd/gitmirror: get tini from Debian
tini is in Debian so we don't need to do anything special to install it.
Change-Id: Ic0e981f3476c496426a8dc3c408aad9417836e13
Reviewed-on: https://go-review.googlesource.com/c/build/+/327756
Trust: Heschi Kreinick <hes...@google.com>
Run-TryBot: Heschi Kreinick <hes...@google.com>
TryBot-Result: Go Bot <go...@golang.org>
Reviewed-by: Carlos Amedee <car...@golang.org>
---
M cmd/gitmirror/Dockerfile
M cmd/gitmirror/deployment.yaml
2 files changed, 4 insertions(+), 12 deletions(-)
diff --git a/cmd/gitmirror/Dockerfile b/cmd/gitmirror/Dockerfile
index c85258a..3e8fdbc 100644
--- a/cmd/gitmirror/Dockerfile
+++ b/cmd/gitmirror/Dockerfile
@@ -42,19 +42,11 @@
git-core \
openssh-client \
gnupg dirmngr \
- curl \
+ curl tini \
&& rm -rf /var/lib/apt/lists/*
# Install gcloud for auth to CSR, see https://cloud.google.com/sdk/docs/install#deb
-RUN echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] http://packages.cloud.google.com/apt cloud-sdk main" | tee -a /etc/apt/sources.list.d/google-cloud-sdk.list && curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key --keyring /usr/share/keyrings/cloud.google.gpg add - && apt-get update -y && apt-get install google-cloud-sdk -y
-
-# See https://github.com/golang/go/issues/23705
-ENV TINI_VERSION v0.16.1
-ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /tini
-ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc /tini.asc
-RUN gpg --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 \
- && gpg --verify /tini.asc
-RUN chmod +x /tini
+RUN echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] http://packages.cloud.google.com/apt cloud-sdk main" | tee -a /etc/apt/sources.list.d/google-cloud-sdk.list && curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key --keyring /usr/share/keyrings/cloud.google.gpg add - && apt-get update -y && apt-get install google-cloud-sdk -y && rm -rf /var/lib/apt/lists/*
# Add github.com's known_hosts entries, so git push calls later don't
# prompt, and don't need to have their strict host key checking
@@ -66,4 +58,4 @@
&& chmod 0600 ~/.ssh/known_hosts
COPY --from=build /go/bin/gitmirror /
-ENTRYPOINT ["/tini", "--", "/gitmirror"]
+ENTRYPOINT ["/usr/bin/tini", "--", "/gitmirror"]
diff --git a/cmd/gitmirror/deployment.yaml b/cmd/gitmirror/deployment.yaml
index 0329070..1ff6a92 100644
--- a/cmd/gitmirror/deployment.yaml
+++ b/cmd/gitmirror/deployment.yaml
@@ -28,7 +28,7 @@
env:
- name: XDG_CACHE_HOME
value: "/cache"
- command: ["/tini", "--", "/gitmirror", "-http=:8585", "-mirror=true", "-cachedir=/cache/gitmirror"]
+ command: ["/usr/bin/tini", "--", "/gitmirror", "-http=:8585", "-mirror=true", "-cachedir=/cache/gitmirror"]
volumeMounts:
- mountPath: /cache
name: cache-volume
1 is the latest approved patch-set.
The change was submitted with unreviewed changes in the following files:
The name of the file: cmd/gitmirror/Dockerfile
Insertions: 1, Deletions: 1.
```
@@ -48:49, +48:49 @@
- RUN echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] http://packages.cloud.google.com/apt cloud-sdk main" | tee -a /etc/apt/sources.list.d/google-cloud-sdk.list && curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key --keyring /usr/share/keyrings/cloud.google.gpg add - && apt-get update -y && apt-get install google-cloud-sdk -y
+ RUN echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] http://packages.cloud.google.com/apt cloud-sdk main" | tee -a /etc/apt/sources.list.d/google-cloud-sdk.list && curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key --keyring /usr/share/keyrings/cloud.google.gpg add - && apt-get update -y && apt-get install google-cloud-sdk -y && rm -rf /var/lib/apt/lists/*
```
The name of the file: cmd/gitmirror/rc-staging.yaml
Insertions: 0, Deletions: 41.
```
@@ -0:42 @@
- apiVersion: v1
- kind: ReplicationController
- metadata:
- name: gitmirror-rc
- spec:
- replicas: 2
- selector:
- app: gitmirror
- template:
- metadata:
- name: gitmirror
- labels:
- app: gitmirror
- annotations:
- container.seccomp.security.alpha.kubernetes.io/gitmirror: docker/default
- container.apparmor.security.beta.kubernetes.io/gitmirror: runtime/default
- spec:
- volumes:
- - name: cache-volume
- emptyDir:
- medium: Memory
- containers:
- - name: gitmirror
- image: gcr.io/go-dashboard-dev/gitmirror:latest
- imagePullPolicy: Always
- env:
- - name: XDG_CACHE_HOME
- value: "/cache"
- command: ["/usr/bin/tini", "--", "/gitmirror", "-http=:8585", "-cachedir=/cache/gitmirror"]
- volumeMounts:
- - mountPath: /cache
- name: cache-volume
- ports:
- - containerPort: 8585
- resources:
- requests:
- cpu: "1"
- memory: "2Gi"
- limits:
- cpu: "2"
- memory: "4Gi"
-
```
To view, visit change 327756. To unsubscribe, or for help writing mail filters, visit settings.
Reply all
Reply to author
Forward
0 new messages